1 /* $NetBSD: ip6_input.c,v 1.129 2010/02/04 21:48:35 joerg Exp $ */ 2 /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.129 2010/02/04 21:48:35 joerg Exp $"); 66 67 #include "opt_gateway.h" 68 #include "opt_inet.h" 69 #include "opt_inet6.h" 70 #include "opt_ipsec.h" 71 #include "opt_pfil_hooks.h" 72 #include "opt_compat_netbsd.h" 73 74 #include <sys/param.h> 75 #include <sys/systm.h> 76 #include <sys/malloc.h> 77 #include <sys/mbuf.h> 78 #include <sys/domain.h> 79 #include <sys/protosw.h> 80 #include <sys/socket.h> 81 #include <sys/socketvar.h> 82 #include <sys/errno.h> 83 #include <sys/time.h> 84 #include <sys/kernel.h> 85 #include <sys/syslog.h> 86 #include <sys/proc.h> 87 #include <sys/sysctl.h> 88 89 #include <net/if.h> 90 #include <net/if_types.h> 91 #include <net/if_dl.h> 92 #include <net/route.h> 93 #include <net/netisr.h> 94 #ifdef PFIL_HOOKS 95 #include <net/pfil.h> 96 #endif 97 98 #include <netinet/in.h> 99 #include <netinet/in_systm.h> 100 #ifdef INET 101 #include <netinet/ip.h> 102 #include <netinet/ip_icmp.h> 103 #endif /* INET */ 104 #include <netinet/ip6.h> 105 #include <netinet6/in6_var.h> 106 #include <netinet6/ip6_var.h> 107 #include <netinet6/ip6_private.h> 108 #include <netinet6/in6_pcb.h> 109 #include <netinet/icmp6.h> 110 #include <netinet6/scope6_var.h> 111 #include <netinet6/in6_ifattach.h> 112 #include <netinet6/nd6.h> 113 114 #ifdef IPSEC 115 #include <netinet6/ipsec.h> 116 #include <netinet6/ipsec_private.h> 117 #endif 118 119 #ifdef FAST_IPSEC 120 #include <netipsec/ipsec.h> 121 #include <netipsec/ipsec6.h> 122 #include <netipsec/key.h> 123 #endif /* FAST_IPSEC */ 124 125 #ifdef COMPAT_50 126 #include <compat/sys/time.h> 127 #include <compat/sys/socket.h> 128 #endif 129 130 #include <netinet6/ip6protosw.h> 131 132 #include "faith.h" 133 #include "gif.h" 134 135 #if NGIF > 0 136 #include <netinet6/in6_gif.h> 137 #endif 138 139 #include <net/net_osdep.h> 140 141 extern struct domain inet6domain; 142 143 u_char ip6_protox[IPPROTO_MAX]; 144 static int ip6qmaxlen = IFQ_MAXLEN; 145 struct in6_ifaddr *in6_ifaddr; 146 struct ifqueue ip6intrq; 147 148 extern callout_t in6_tmpaddrtimer_ch; 149 150 int ip6_forward_srcrt; /* XXX */ 151 int ip6_sourcecheck; /* XXX */ 152 int ip6_sourcecheck_interval; /* XXX */ 153 154 #ifdef PFIL_HOOKS 155 struct pfil_head inet6_pfil_hook; 156 #endif 157 158 percpu_t *ip6stat_percpu; 159 160 static void ip6_init2(void *); 161 static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *); 162 163 static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *); 164 static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int); 165 static void sysctl_net_inet6_ip6_setup(struct sysctllog **); 166 167 /* 168 * IP6 initialization: fill in IP6 protocol switch table. 169 * All protocols not implemented in kernel go to raw IP6 protocol handler. 170 */ 171 void 172 ip6_init(void) 173 { 174 const struct ip6protosw *pr; 175 int i; 176 177 sysctl_net_inet6_ip6_setup(NULL); 178 pr = (const struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW); 179 if (pr == 0) 180 panic("ip6_init"); 181 for (i = 0; i < IPPROTO_MAX; i++) 182 ip6_protox[i] = pr - inet6sw; 183 for (pr = (const struct ip6protosw *)inet6domain.dom_protosw; 184 pr < (const struct ip6protosw *)inet6domain.dom_protoswNPROTOSW; pr++) 185 if (pr->pr_domain->dom_family == PF_INET6 && 186 pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW) 187 ip6_protox[pr->pr_protocol] = pr - inet6sw; 188 ip6intrq.ifq_maxlen = ip6qmaxlen; 189 scope6_init(); 190 addrsel_policy_init(); 191 nd6_init(); 192 frag6_init(); 193 ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR; 194 195 ip6_init2((void *)0); 196 #ifdef GATEWAY 197 ip6flow_init(ip6_hashsize); 198 #endif 199 200 #ifdef PFIL_HOOKS 201 /* Register our Packet Filter hook. */ 202 inet6_pfil_hook.ph_type = PFIL_TYPE_AF; 203 inet6_pfil_hook.ph_af = AF_INET6; 204 i = pfil_head_register(&inet6_pfil_hook); 205 if (i != 0) 206 printf("ip6_init: WARNING: unable to register pfil hook, " 207 "error %d\n", i); 208 #endif /* PFIL_HOOKS */ 209 210 ip6stat_percpu = percpu_alloc(sizeof(uint64_t) * IP6_NSTATS); 211 } 212 213 static void 214 ip6_init2(void *dummy) 215 { 216 217 /* nd6_timer_init */ 218 callout_init(&nd6_timer_ch, CALLOUT_MPSAFE); 219 callout_reset(&nd6_timer_ch, hz, nd6_timer, NULL); 220 221 /* timer for regeneranation of temporary addresses randomize ID */ 222 callout_init(&in6_tmpaddrtimer_ch, CALLOUT_MPSAFE); 223 callout_reset(&in6_tmpaddrtimer_ch, 224 (ip6_temp_preferred_lifetime - ip6_desync_factor - 225 ip6_temp_regen_advance) * hz, 226 in6_tmpaddrtimer, NULL); 227 } 228 229 /* 230 * IP6 input interrupt handling. Just pass the packet to ip6_input. 231 */ 232 void 233 ip6intr(void) 234 { 235 int s; 236 struct mbuf *m; 237 238 mutex_enter(softnet_lock); 239 KERNEL_LOCK(1, NULL); 240 for (;;) { 241 s = splnet(); 242 IF_DEQUEUE(&ip6intrq, m); 243 splx(s); 244 if (m == 0) 245 break; 246 /* drop the packet if IPv6 operation is disabled on the IF */ 247 if ((ND_IFINFO(m->m_pkthdr.rcvif)->flags & ND6_IFF_IFDISABLED)) { 248 m_freem(m); 249 break; 250 } 251 ip6_input(m); 252 } 253 KERNEL_UNLOCK_ONE(NULL); 254 mutex_exit(softnet_lock); 255 } 256 257 extern struct route ip6_forward_rt; 258 259 void 260 ip6_input(struct mbuf *m) 261 { 262 struct ip6_hdr *ip6; 263 int hit, off = sizeof(struct ip6_hdr), nest; 264 u_int32_t plen; 265 u_int32_t rtalert = ~0; 266 int nxt, ours = 0, rh_present = 0; 267 struct ifnet *deliverifp = NULL; 268 int srcrt = 0; 269 const struct rtentry *rt; 270 union { 271 struct sockaddr dst; 272 struct sockaddr_in6 dst6; 273 } u; 274 #ifdef FAST_IPSEC 275 struct m_tag *mtag; 276 struct tdb_ident *tdbi; 277 struct secpolicy *sp; 278 int s, error; 279 #endif 280 281 #ifdef IPSEC 282 /* 283 * should the inner packet be considered authentic? 284 * see comment in ah4_input(). 285 */ 286 m->m_flags &= ~M_AUTHIPHDR; 287 m->m_flags &= ~M_AUTHIPDGM; 288 #endif 289 290 /* 291 * make sure we don't have onion peering information into m_tag. 292 */ 293 ip6_delaux(m); 294 295 /* 296 * mbuf statistics 297 */ 298 if (m->m_flags & M_EXT) { 299 if (m->m_next) 300 IP6_STATINC(IP6_STAT_MEXT2M); 301 else 302 IP6_STATINC(IP6_STAT_MEXT1); 303 } else { 304 #define M2MMAX 32 305 if (m->m_next) { 306 if (m->m_flags & M_LOOP) { 307 /*XXX*/ IP6_STATINC(IP6_STAT_M2M + lo0ifp->if_index); 308 } else if (m->m_pkthdr.rcvif->if_index < M2MMAX) { 309 IP6_STATINC(IP6_STAT_M2M + 310 m->m_pkthdr.rcvif->if_index); 311 } else 312 IP6_STATINC(IP6_STAT_M2M); 313 } else 314 IP6_STATINC(IP6_STAT_M1); 315 #undef M2MMAX 316 } 317 318 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_receive); 319 IP6_STATINC(IP6_STAT_TOTAL); 320 321 /* 322 * If the IPv6 header is not aligned, slurp it up into a new 323 * mbuf with space for link headers, in the event we forward 324 * it. Otherwise, if it is aligned, make sure the entire base 325 * IPv6 header is in the first mbuf of the chain. 326 */ 327 if (IP6_HDR_ALIGNED_P(mtod(m, void *)) == 0) { 328 struct ifnet *inifp = m->m_pkthdr.rcvif; 329 if ((m = m_copyup(m, sizeof(struct ip6_hdr), 330 (max_linkhdr + 3) & ~3)) == NULL) { 331 /* XXXJRT new stat, please */ 332 IP6_STATINC(IP6_STAT_TOOSMALL); 333 in6_ifstat_inc(inifp, ifs6_in_hdrerr); 334 return; 335 } 336 } else if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) { 337 struct ifnet *inifp = m->m_pkthdr.rcvif; 338 if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) { 339 IP6_STATINC(IP6_STAT_TOOSMALL); 340 in6_ifstat_inc(inifp, ifs6_in_hdrerr); 341 return; 342 } 343 } 344 345 ip6 = mtod(m, struct ip6_hdr *); 346 347 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) { 348 IP6_STATINC(IP6_STAT_BADVERS); 349 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 350 goto bad; 351 } 352 353 #if defined(IPSEC) 354 /* IPv6 fast forwarding is not compatible with IPsec. */ 355 m->m_flags &= ~M_CANFASTFWD; 356 #else 357 /* 358 * Assume that we can create a fast-forward IP flow entry 359 * based on this packet. 360 */ 361 m->m_flags |= M_CANFASTFWD; 362 #endif 363 364 #ifdef PFIL_HOOKS 365 /* 366 * Run through list of hooks for input packets. If there are any 367 * filters which require that additional packets in the flow are 368 * not fast-forwarded, they must clear the M_CANFASTFWD flag. 369 * Note that filters must _never_ set this flag, as another filter 370 * in the list may have previously cleared it. 371 */ 372 /* 373 * let ipfilter look at packet on the wire, 374 * not the decapsulated packet. 375 */ 376 #ifdef IPSEC 377 if (!ipsec_getnhist(m)) 378 #elif defined(FAST_IPSEC) 379 if (!ipsec_indone(m)) 380 #else 381 if (1) 382 #endif 383 { 384 struct in6_addr odst; 385 386 odst = ip6->ip6_dst; 387 if (pfil_run_hooks(&inet6_pfil_hook, &m, m->m_pkthdr.rcvif, 388 PFIL_IN) != 0) 389 return; 390 if (m == NULL) 391 return; 392 ip6 = mtod(m, struct ip6_hdr *); 393 srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); 394 } 395 #endif /* PFIL_HOOKS */ 396 397 IP6_STATINC(IP6_STAT_NXTHIST + ip6->ip6_nxt); 398 399 #ifdef ALTQ 400 if (altq_input != NULL && (*altq_input)(m, AF_INET6) == 0) { 401 /* packet is dropped by traffic conditioner */ 402 return; 403 } 404 #endif 405 406 /* 407 * Check against address spoofing/corruption. 408 */ 409 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) || 410 IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) { 411 /* 412 * XXX: "badscope" is not very suitable for a multicast source. 413 */ 414 IP6_STATINC(IP6_STAT_BADSCOPE); 415 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 416 goto bad; 417 } 418 /* 419 * The following check is not documented in specs. A malicious 420 * party may be able to use IPv4 mapped addr to confuse tcp/udp stack 421 * and bypass security checks (act as if it was from 127.0.0.1 by using 422 * IPv6 src ::ffff:127.0.0.1). Be cautious. 423 * 424 * This check chokes if we are in an SIIT cloud. As none of BSDs 425 * support IPv4-less kernel compilation, we cannot support SIIT 426 * environment at all. So, it makes more sense for us to reject any 427 * malicious packets for non-SIIT environment, than try to do a 428 * partial support for SIIT environment. 429 */ 430 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 431 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 432 IP6_STATINC(IP6_STAT_BADSCOPE); 433 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 434 goto bad; 435 } 436 #if 0 437 /* 438 * Reject packets with IPv4 compatible addresses (auto tunnel). 439 * 440 * The code forbids auto tunnel relay case in RFC1933 (the check is 441 * stronger than RFC1933). We may want to re-enable it if mech-xx 442 * is revised to forbid relaying case. 443 */ 444 if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) || 445 IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { 446 IP6_STATINC(IP6_STAT_BADSCOPE); 447 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 448 goto bad; 449 } 450 #endif 451 452 /* 453 * Disambiguate address scope zones (if there is ambiguity). 454 * We first make sure that the original source or destination address 455 * is not in our internal form for scoped addresses. Such addresses 456 * are not necessarily invalid spec-wise, but we cannot accept them due 457 * to the usage conflict. 458 * in6_setscope() then also checks and rejects the cases where src or 459 * dst are the loopback address and the receiving interface 460 * is not loopback. 461 */ 462 if (__predict_false( 463 m_makewritable(&m, 0, sizeof(struct ip6_hdr), M_DONTWAIT))) 464 goto bad; 465 ip6 = mtod(m, struct ip6_hdr *); 466 if (in6_clearscope(&ip6->ip6_src) || in6_clearscope(&ip6->ip6_dst)) { 467 IP6_STATINC(IP6_STAT_BADSCOPE); /* XXX */ 468 goto bad; 469 } 470 if (in6_setscope(&ip6->ip6_src, m->m_pkthdr.rcvif, NULL) || 471 in6_setscope(&ip6->ip6_dst, m->m_pkthdr.rcvif, NULL)) { 472 IP6_STATINC(IP6_STAT_BADSCOPE); 473 goto bad; 474 } 475 476 /* 477 * Multicast check 478 */ 479 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 480 struct in6_multi *in6m = 0; 481 482 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mcast); 483 /* 484 * See if we belong to the destination multicast group on the 485 * arrival interface. 486 */ 487 IN6_LOOKUP_MULTI(ip6->ip6_dst, m->m_pkthdr.rcvif, in6m); 488 if (in6m) 489 ours = 1; 490 else if (!ip6_mrouter) { 491 uint64_t *ip6s = IP6_STAT_GETREF(); 492 ip6s[IP6_STAT_NOTMEMBER]++; 493 ip6s[IP6_STAT_CANTFORWARD]++; 494 IP6_STAT_PUTREF(); 495 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 496 goto bad; 497 } 498 deliverifp = m->m_pkthdr.rcvif; 499 goto hbhcheck; 500 } 501 502 sockaddr_in6_init(&u.dst6, &ip6->ip6_dst, 0, 0, 0); 503 504 /* 505 * Unicast check 506 */ 507 rt = rtcache_lookup2(&ip6_forward_rt, &u.dst, 1, &hit); 508 if (hit) 509 IP6_STATINC(IP6_STAT_FORWARD_CACHEHIT); 510 else 511 IP6_STATINC(IP6_STAT_FORWARD_CACHEMISS); 512 513 #define rt6_getkey(__rt) satocsin6(rt_getkey(__rt)) 514 515 /* 516 * Accept the packet if the forwarding interface to the destination 517 * according to the routing table is the loopback interface, 518 * unless the associated route has a gateway. 519 * Note that this approach causes to accept a packet if there is a 520 * route to the loopback interface for the destination of the packet. 521 * But we think it's even useful in some situations, e.g. when using 522 * a special daemon which wants to intercept the packet. 523 */ 524 if (rt != NULL && 525 (rt->rt_flags & (RTF_HOST|RTF_GATEWAY)) == RTF_HOST && 526 !(rt->rt_flags & RTF_CLONED) && 527 #if 0 528 /* 529 * The check below is redundant since the comparison of 530 * the destination and the key of the rtentry has 531 * already done through looking up the routing table. 532 */ 533 IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &rt6_getkey(rt)->sin6_addr) && 534 #endif 535 rt->rt_ifp->if_type == IFT_LOOP) { 536 struct in6_ifaddr *ia6 = (struct in6_ifaddr *)rt->rt_ifa; 537 if (ia6->ia6_flags & IN6_IFF_ANYCAST) 538 m->m_flags |= M_ANYCAST6; 539 /* 540 * packets to a tentative, duplicated, or somehow invalid 541 * address must not be accepted. 542 */ 543 if (!(ia6->ia6_flags & IN6_IFF_NOTREADY)) { 544 /* this address is ready */ 545 ours = 1; 546 deliverifp = ia6->ia_ifp; /* correct? */ 547 goto hbhcheck; 548 } else { 549 /* address is not ready, so discard the packet. */ 550 nd6log((LOG_INFO, 551 "ip6_input: packet to an unready address %s->%s\n", 552 ip6_sprintf(&ip6->ip6_src), 553 ip6_sprintf(&ip6->ip6_dst))); 554 555 goto bad; 556 } 557 } 558 559 /* 560 * FAITH (Firewall Aided Internet Translator) 561 */ 562 #if defined(NFAITH) && 0 < NFAITH 563 if (ip6_keepfaith) { 564 if (rt != NULL && rt->rt_ifp != NULL && 565 rt->rt_ifp->if_type == IFT_FAITH) { 566 /* XXX do we need more sanity checks? */ 567 ours = 1; 568 deliverifp = rt->rt_ifp; /* faith */ 569 goto hbhcheck; 570 } 571 } 572 #endif 573 574 #if 0 575 { 576 /* 577 * Last resort: check in6_ifaddr for incoming interface. 578 * The code is here until I update the "goto ours hack" code above 579 * working right. 580 */ 581 struct ifaddr *ifa; 582 IFADDR_FOREACH(ifa, m->m_pkthdr.rcvif) { 583 if (ifa->ifa_addr == NULL) 584 continue; /* just for safety */ 585 if (ifa->ifa_addr->sa_family != AF_INET6) 586 continue; 587 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ip6->ip6_dst)) { 588 ours = 1; 589 deliverifp = ifa->ifa_ifp; 590 goto hbhcheck; 591 } 592 } 593 } 594 #endif 595 596 /* 597 * Now there is no reason to process the packet if it's not our own 598 * and we're not a router. 599 */ 600 if (!ip6_forwarding) { 601 IP6_STATINC(IP6_STAT_CANTFORWARD); 602 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 603 goto bad; 604 } 605 606 hbhcheck: 607 /* 608 * record address information into m_tag, if we don't have one yet. 609 * note that we are unable to record it, if the address is not listed 610 * as our interface address (e.g. multicast addresses, addresses 611 * within FAITH prefixes and such). 612 */ 613 if (deliverifp && ip6_getdstifaddr(m) == NULL) { 614 struct in6_ifaddr *ia6; 615 616 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst); 617 if (ia6 != NULL && ip6_setdstifaddr(m, ia6) == NULL) { 618 /* 619 * XXX maybe we should drop the packet here, 620 * as we could not provide enough information 621 * to the upper layers. 622 */ 623 } 624 } 625 626 /* 627 * Process Hop-by-Hop options header if it's contained. 628 * m may be modified in ip6_hopopts_input(). 629 * If a JumboPayload option is included, plen will also be modified. 630 */ 631 plen = (u_int32_t)ntohs(ip6->ip6_plen); 632 if (ip6->ip6_nxt == IPPROTO_HOPOPTS) { 633 struct ip6_hbh *hbh; 634 635 if (ip6_hopopts_input(&plen, &rtalert, &m, &off)) { 636 #if 0 /*touches NULL pointer*/ 637 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 638 #endif 639 return; /* m have already been freed */ 640 } 641 642 /* adjust pointer */ 643 ip6 = mtod(m, struct ip6_hdr *); 644 645 /* 646 * if the payload length field is 0 and the next header field 647 * indicates Hop-by-Hop Options header, then a Jumbo Payload 648 * option MUST be included. 649 */ 650 if (ip6->ip6_plen == 0 && plen == 0) { 651 /* 652 * Note that if a valid jumbo payload option is 653 * contained, ip6_hopopts_input() must set a valid 654 * (non-zero) payload length to the variable plen. 655 */ 656 IP6_STATINC(IP6_STAT_BADOPTIONS); 657 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); 658 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 659 icmp6_error(m, ICMP6_PARAM_PROB, 660 ICMP6_PARAMPROB_HEADER, 661 (char *)&ip6->ip6_plen - (char *)ip6); 662 return; 663 } 664 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), 665 sizeof(struct ip6_hbh)); 666 if (hbh == NULL) { 667 IP6_STATINC(IP6_STAT_TOOSHORT); 668 return; 669 } 670 KASSERT(IP6_HDR_ALIGNED_P(hbh)); 671 nxt = hbh->ip6h_nxt; 672 673 /* 674 * accept the packet if a router alert option is included 675 * and we act as an IPv6 router. 676 */ 677 if (rtalert != ~0 && ip6_forwarding) 678 ours = 1; 679 } else 680 nxt = ip6->ip6_nxt; 681 682 /* 683 * Check that the amount of data in the buffers 684 * is as at least much as the IPv6 header would have us expect. 685 * Trim mbufs if longer than we expect. 686 * Drop packet if shorter than we expect. 687 */ 688 if (m->m_pkthdr.len - sizeof(struct ip6_hdr) < plen) { 689 IP6_STATINC(IP6_STAT_TOOSHORT); 690 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated); 691 goto bad; 692 } 693 if (m->m_pkthdr.len > sizeof(struct ip6_hdr) + plen) { 694 if (m->m_len == m->m_pkthdr.len) { 695 m->m_len = sizeof(struct ip6_hdr) + plen; 696 m->m_pkthdr.len = sizeof(struct ip6_hdr) + plen; 697 } else 698 m_adj(m, sizeof(struct ip6_hdr) + plen - m->m_pkthdr.len); 699 } 700 701 /* 702 * Forward if desirable. 703 */ 704 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 705 /* 706 * If we are acting as a multicast router, all 707 * incoming multicast packets are passed to the 708 * kernel-level multicast forwarding function. 709 * The packet is returned (relatively) intact; if 710 * ip6_mforward() returns a non-zero value, the packet 711 * must be discarded, else it may be accepted below. 712 */ 713 if (ip6_mrouter && ip6_mforward(ip6, m->m_pkthdr.rcvif, m)) { 714 IP6_STATINC(IP6_STAT_CANTFORWARD); 715 m_freem(m); 716 return; 717 } 718 if (!ours) { 719 m_freem(m); 720 return; 721 } 722 } else if (!ours) { 723 ip6_forward(m, srcrt); 724 return; 725 } 726 727 ip6 = mtod(m, struct ip6_hdr *); 728 729 /* 730 * Malicious party may be able to use IPv4 mapped addr to confuse 731 * tcp/udp stack and bypass security checks (act as if it was from 732 * 127.0.0.1 by using IPv6 src ::ffff:127.0.0.1). Be cautious. 733 * 734 * For SIIT end node behavior, you may want to disable the check. 735 * However, you will become vulnerable to attacks using IPv4 mapped 736 * source. 737 */ 738 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 739 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 740 IP6_STATINC(IP6_STAT_BADSCOPE); 741 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 742 goto bad; 743 } 744 745 /* 746 * Tell launch routine the next header 747 */ 748 #ifdef IFA_STATS 749 if (deliverifp != NULL) { 750 struct in6_ifaddr *ia6; 751 ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst); 752 if (ia6) 753 ia6->ia_ifa.ifa_data.ifad_inbytes += m->m_pkthdr.len; 754 } 755 #endif 756 IP6_STATINC(IP6_STAT_DELIVERED); 757 in6_ifstat_inc(deliverifp, ifs6_in_deliver); 758 nest = 0; 759 760 rh_present = 0; 761 while (nxt != IPPROTO_DONE) { 762 if (ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) { 763 IP6_STATINC(IP6_STAT_TOOMANYHDR); 764 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); 765 goto bad; 766 } 767 768 /* 769 * protection against faulty packet - there should be 770 * more sanity checks in header chain processing. 771 */ 772 if (m->m_pkthdr.len < off) { 773 IP6_STATINC(IP6_STAT_TOOSHORT); 774 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated); 775 goto bad; 776 } 777 778 if (nxt == IPPROTO_ROUTING) { 779 if (rh_present++) { 780 in6_ifstat_inc(m->m_pkthdr.rcvif, 781 ifs6_in_hdrerr); 782 IP6_STATINC(IP6_STAT_BADOPTIONS); 783 goto bad; 784 } 785 } 786 787 #ifdef IPSEC 788 /* 789 * enforce IPsec policy checking if we are seeing last header. 790 * note that we do not visit this with protocols with pcb layer 791 * code - like udp/tcp/raw ip. 792 */ 793 if ((inet6sw[ip6_protox[nxt]].pr_flags & PR_LASTHDR) != 0 && 794 ipsec6_in_reject(m, NULL)) { 795 IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO); 796 goto bad; 797 } 798 #endif 799 #ifdef FAST_IPSEC 800 /* 801 * enforce IPsec policy checking if we are seeing last header. 802 * note that we do not visit this with protocols with pcb layer 803 * code - like udp/tcp/raw ip. 804 */ 805 if ((inet6sw[ip_protox[nxt]].pr_flags & PR_LASTHDR) != 0) { 806 /* 807 * Check if the packet has already had IPsec processing 808 * done. If so, then just pass it along. This tag gets 809 * set during AH, ESP, etc. input handling, before the 810 * packet is returned to the ip input queue for delivery. 811 */ 812 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); 813 s = splsoftnet(); 814 if (mtag != NULL) { 815 tdbi = (struct tdb_ident *)(mtag + 1); 816 sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND); 817 } else { 818 sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND, 819 IP_FORWARDING, &error); 820 } 821 if (sp != NULL) { 822 /* 823 * Check security policy against packet attributes. 824 */ 825 error = ipsec_in_reject(sp, m); 826 KEY_FREESP(&sp); 827 } else { 828 /* XXX error stat??? */ 829 error = EINVAL; 830 DPRINTF(("ip6_input: no SP, packet discarded\n"));/*XXX*/ 831 } 832 splx(s); 833 if (error) 834 goto bad; 835 } 836 #endif /* FAST_IPSEC */ 837 838 839 nxt = (*inet6sw[ip6_protox[nxt]].pr_input)(&m, &off, nxt); 840 } 841 return; 842 bad: 843 m_freem(m); 844 } 845 846 /* 847 * set/grab in6_ifaddr correspond to IPv6 destination address. 848 */ 849 static struct m_tag * 850 ip6_setdstifaddr(struct mbuf *m, const struct in6_ifaddr *ia) 851 { 852 struct m_tag *mtag; 853 854 mtag = ip6_addaux(m); 855 if (mtag != NULL) { 856 struct ip6aux *ip6a; 857 858 ip6a = (struct ip6aux *)(mtag + 1); 859 in6_setscope(&ip6a->ip6a_src, ia->ia_ifp, &ip6a->ip6a_scope_id); 860 ip6a->ip6a_src = ia->ia_addr.sin6_addr; 861 ip6a->ip6a_flags = ia->ia6_flags; 862 } 863 return mtag; /* NULL if failed to set */ 864 } 865 866 const struct ip6aux * 867 ip6_getdstifaddr(struct mbuf *m) 868 { 869 struct m_tag *mtag; 870 871 mtag = ip6_findaux(m); 872 if (mtag != NULL) 873 return (struct ip6aux *)(mtag + 1); 874 else 875 return NULL; 876 } 877 878 /* 879 * Hop-by-Hop options header processing. If a valid jumbo payload option is 880 * included, the real payload length will be stored in plenp. 881 * 882 * rtalertp - XXX: should be stored more smart way 883 */ 884 static int 885 ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp, 886 struct mbuf **mp, int *offp) 887 { 888 struct mbuf *m = *mp; 889 int off = *offp, hbhlen; 890 struct ip6_hbh *hbh; 891 892 /* validation of the length of the header */ 893 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, 894 sizeof(struct ip6_hdr), sizeof(struct ip6_hbh)); 895 if (hbh == NULL) { 896 IP6_STATINC(IP6_STAT_TOOSHORT); 897 return -1; 898 } 899 hbhlen = (hbh->ip6h_len + 1) << 3; 900 IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), 901 hbhlen); 902 if (hbh == NULL) { 903 IP6_STATINC(IP6_STAT_TOOSHORT); 904 return -1; 905 } 906 KASSERT(IP6_HDR_ALIGNED_P(hbh)); 907 off += hbhlen; 908 hbhlen -= sizeof(struct ip6_hbh); 909 910 if (ip6_process_hopopts(m, (u_int8_t *)hbh + sizeof(struct ip6_hbh), 911 hbhlen, rtalertp, plenp) < 0) 912 return (-1); 913 914 *offp = off; 915 *mp = m; 916 return (0); 917 } 918 919 /* 920 * Search header for all Hop-by-hop options and process each option. 921 * This function is separate from ip6_hopopts_input() in order to 922 * handle a case where the sending node itself process its hop-by-hop 923 * options header. In such a case, the function is called from ip6_output(). 924 * 925 * The function assumes that hbh header is located right after the IPv6 header 926 * (RFC2460 p7), opthead is pointer into data content in m, and opthead to 927 * opthead + hbhlen is located in continuous memory region. 928 */ 929 int 930 ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen, 931 u_int32_t *rtalertp, u_int32_t *plenp) 932 { 933 struct ip6_hdr *ip6; 934 int optlen = 0; 935 u_int8_t *opt = opthead; 936 u_int16_t rtalert_val; 937 u_int32_t jumboplen; 938 const int erroff = sizeof(struct ip6_hdr) + sizeof(struct ip6_hbh); 939 940 for (; hbhlen > 0; hbhlen -= optlen, opt += optlen) { 941 switch (*opt) { 942 case IP6OPT_PAD1: 943 optlen = 1; 944 break; 945 case IP6OPT_PADN: 946 if (hbhlen < IP6OPT_MINLEN) { 947 IP6_STATINC(IP6_STAT_TOOSMALL); 948 goto bad; 949 } 950 optlen = *(opt + 1) + 2; 951 break; 952 case IP6OPT_RTALERT: 953 /* XXX may need check for alignment */ 954 if (hbhlen < IP6OPT_RTALERT_LEN) { 955 IP6_STATINC(IP6_STAT_TOOSMALL); 956 goto bad; 957 } 958 if (*(opt + 1) != IP6OPT_RTALERT_LEN - 2) { 959 /* XXX stat */ 960 icmp6_error(m, ICMP6_PARAM_PROB, 961 ICMP6_PARAMPROB_HEADER, 962 erroff + opt + 1 - opthead); 963 return (-1); 964 } 965 optlen = IP6OPT_RTALERT_LEN; 966 memcpy((void *)&rtalert_val, (void *)(opt + 2), 2); 967 *rtalertp = ntohs(rtalert_val); 968 break; 969 case IP6OPT_JUMBO: 970 /* XXX may need check for alignment */ 971 if (hbhlen < IP6OPT_JUMBO_LEN) { 972 IP6_STATINC(IP6_STAT_TOOSMALL); 973 goto bad; 974 } 975 if (*(opt + 1) != IP6OPT_JUMBO_LEN - 2) { 976 /* XXX stat */ 977 icmp6_error(m, ICMP6_PARAM_PROB, 978 ICMP6_PARAMPROB_HEADER, 979 erroff + opt + 1 - opthead); 980 return (-1); 981 } 982 optlen = IP6OPT_JUMBO_LEN; 983 984 /* 985 * IPv6 packets that have non 0 payload length 986 * must not contain a jumbo payload option. 987 */ 988 ip6 = mtod(m, struct ip6_hdr *); 989 if (ip6->ip6_plen) { 990 IP6_STATINC(IP6_STAT_BADOPTIONS); 991 icmp6_error(m, ICMP6_PARAM_PROB, 992 ICMP6_PARAMPROB_HEADER, 993 erroff + opt - opthead); 994 return (-1); 995 } 996 997 /* 998 * We may see jumbolen in unaligned location, so 999 * we'd need to perform bcopy(). 1000 */ 1001 memcpy(&jumboplen, opt + 2, sizeof(jumboplen)); 1002 jumboplen = (u_int32_t)htonl(jumboplen); 1003 1004 #if 1 1005 /* 1006 * if there are multiple jumbo payload options, 1007 * *plenp will be non-zero and the packet will be 1008 * rejected. 1009 * the behavior may need some debate in ipngwg - 1010 * multiple options does not make sense, however, 1011 * there's no explicit mention in specification. 1012 */ 1013 if (*plenp != 0) { 1014 IP6_STATINC(IP6_STAT_BADOPTIONS); 1015 icmp6_error(m, ICMP6_PARAM_PROB, 1016 ICMP6_PARAMPROB_HEADER, 1017 erroff + opt + 2 - opthead); 1018 return (-1); 1019 } 1020 #endif 1021 1022 /* 1023 * jumbo payload length must be larger than 65535. 1024 */ 1025 if (jumboplen <= IPV6_MAXPACKET) { 1026 IP6_STATINC(IP6_STAT_BADOPTIONS); 1027 icmp6_error(m, ICMP6_PARAM_PROB, 1028 ICMP6_PARAMPROB_HEADER, 1029 erroff + opt + 2 - opthead); 1030 return (-1); 1031 } 1032 *plenp = jumboplen; 1033 1034 break; 1035 default: /* unknown option */ 1036 if (hbhlen < IP6OPT_MINLEN) { 1037 IP6_STATINC(IP6_STAT_TOOSMALL); 1038 goto bad; 1039 } 1040 optlen = ip6_unknown_opt(opt, m, 1041 erroff + opt - opthead); 1042 if (optlen == -1) 1043 return (-1); 1044 optlen += 2; 1045 break; 1046 } 1047 } 1048 1049 return (0); 1050 1051 bad: 1052 m_freem(m); 1053 return (-1); 1054 } 1055 1056 /* 1057 * Unknown option processing. 1058 * The third argument `off' is the offset from the IPv6 header to the option, 1059 * which is necessary if the IPv6 header the and option header and IPv6 header 1060 * is not continuous in order to return an ICMPv6 error. 1061 */ 1062 int 1063 ip6_unknown_opt(u_int8_t *optp, struct mbuf *m, int off) 1064 { 1065 struct ip6_hdr *ip6; 1066 1067 switch (IP6OPT_TYPE(*optp)) { 1068 case IP6OPT_TYPE_SKIP: /* ignore the option */ 1069 return ((int)*(optp + 1)); 1070 case IP6OPT_TYPE_DISCARD: /* silently discard */ 1071 m_freem(m); 1072 return (-1); 1073 case IP6OPT_TYPE_FORCEICMP: /* send ICMP even if multicasted */ 1074 IP6_STATINC(IP6_STAT_BADOPTIONS); 1075 icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_OPTION, off); 1076 return (-1); 1077 case IP6OPT_TYPE_ICMP: /* send ICMP if not multicasted */ 1078 IP6_STATINC(IP6_STAT_BADOPTIONS); 1079 ip6 = mtod(m, struct ip6_hdr *); 1080 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || 1081 (m->m_flags & (M_BCAST|M_MCAST))) 1082 m_freem(m); 1083 else 1084 icmp6_error(m, ICMP6_PARAM_PROB, 1085 ICMP6_PARAMPROB_OPTION, off); 1086 return (-1); 1087 } 1088 1089 m_freem(m); /* XXX: NOTREACHED */ 1090 return (-1); 1091 } 1092 1093 /* 1094 * Create the "control" list for this pcb. 1095 * 1096 * The routine will be called from upper layer handlers like tcp6_input(). 1097 * Thus the routine assumes that the caller (tcp6_input) have already 1098 * called IP6_EXTHDR_CHECK() and all the extension headers are located in the 1099 * very first mbuf on the mbuf chain. 1100 * We may want to add some infinite loop prevention or sanity checks for safety. 1101 * (This applies only when you are using KAME mbuf chain restriction, i.e. 1102 * you are using IP6_EXTHDR_CHECK() not m_pulldown()) 1103 */ 1104 void 1105 ip6_savecontrol(struct in6pcb *in6p, struct mbuf **mp, 1106 struct ip6_hdr *ip6, struct mbuf *m) 1107 { 1108 #ifdef RFC2292 1109 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) 1110 #else 1111 #define IS2292(x, y) (y) 1112 #endif 1113 1114 if (in6p->in6p_socket->so_options & SO_TIMESTAMP 1115 #ifdef SO_OTIMESTAMP 1116 || in6p->in6p_socket->so_options & SO_OTIMESTAMP 1117 #endif 1118 ) { 1119 struct timeval tv; 1120 1121 microtime(&tv); 1122 #ifdef SO_OTIMESTAMP 1123 if (in6p->in6p_socket->so_options & SO_OTIMESTAMP) { 1124 struct timeval50 tv50; 1125 timeval_to_timeval50(&tv, &tv50); 1126 *mp = sbcreatecontrol((void *) &tv50, sizeof(tv50), 1127 SCM_OTIMESTAMP, SOL_SOCKET); 1128 } else 1129 #endif 1130 *mp = sbcreatecontrol((void *) &tv, sizeof(tv), 1131 SCM_TIMESTAMP, SOL_SOCKET); 1132 if (*mp) 1133 mp = &(*mp)->m_next; 1134 } 1135 1136 /* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ 1137 if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) 1138 return; 1139 1140 /* RFC 2292 sec. 5 */ 1141 if ((in6p->in6p_flags & IN6P_PKTINFO) != 0) { 1142 struct in6_pktinfo pi6; 1143 1144 memcpy(&pi6.ipi6_addr, &ip6->ip6_dst, sizeof(struct in6_addr)); 1145 in6_clearscope(&pi6.ipi6_addr); /* XXX */ 1146 pi6.ipi6_ifindex = m->m_pkthdr.rcvif ? 1147 m->m_pkthdr.rcvif->if_index : 0; 1148 *mp = sbcreatecontrol((void *) &pi6, 1149 sizeof(struct in6_pktinfo), 1150 IS2292(IPV6_2292PKTINFO, IPV6_PKTINFO), IPPROTO_IPV6); 1151 if (*mp) 1152 mp = &(*mp)->m_next; 1153 } 1154 1155 if (in6p->in6p_flags & IN6P_HOPLIMIT) { 1156 int hlim = ip6->ip6_hlim & 0xff; 1157 1158 *mp = sbcreatecontrol((void *) &hlim, sizeof(int), 1159 IS2292(IPV6_2292HOPLIMIT, IPV6_HOPLIMIT), IPPROTO_IPV6); 1160 if (*mp) 1161 mp = &(*mp)->m_next; 1162 } 1163 1164 if ((in6p->in6p_flags & IN6P_TCLASS) != 0) { 1165 u_int32_t flowinfo; 1166 int tclass; 1167 1168 flowinfo = (u_int32_t)ntohl(ip6->ip6_flow & IPV6_FLOWINFO_MASK); 1169 flowinfo >>= 20; 1170 1171 tclass = flowinfo & 0xff; 1172 *mp = sbcreatecontrol((void *)&tclass, sizeof(tclass), 1173 IPV6_TCLASS, IPPROTO_IPV6); 1174 1175 if (*mp) 1176 mp = &(*mp)->m_next; 1177 } 1178 1179 /* 1180 * IPV6_HOPOPTS socket option. Recall that we required super-user 1181 * privilege for the option (see ip6_ctloutput), but it might be too 1182 * strict, since there might be some hop-by-hop options which can be 1183 * returned to normal user. 1184 * See also RFC3542 section 8 (or RFC2292 section 6). 1185 */ 1186 if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) { 1187 /* 1188 * Check if a hop-by-hop options header is contatined in the 1189 * received packet, and if so, store the options as ancillary 1190 * data. Note that a hop-by-hop options header must be 1191 * just after the IPv6 header, which fact is assured through 1192 * the IPv6 input processing. 1193 */ 1194 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *); 1195 if (xip6->ip6_nxt == IPPROTO_HOPOPTS) { 1196 struct ip6_hbh *hbh; 1197 int hbhlen; 1198 struct mbuf *ext; 1199 1200 ext = ip6_pullexthdr(m, sizeof(struct ip6_hdr), 1201 xip6->ip6_nxt); 1202 if (ext == NULL) { 1203 IP6_STATINC(IP6_STAT_TOOSHORT); 1204 return; 1205 } 1206 hbh = mtod(ext, struct ip6_hbh *); 1207 hbhlen = (hbh->ip6h_len + 1) << 3; 1208 if (hbhlen != ext->m_len) { 1209 m_freem(ext); 1210 IP6_STATINC(IP6_STAT_TOOSHORT); 1211 return; 1212 } 1213 1214 /* 1215 * XXX: We copy whole the header even if a jumbo 1216 * payload option is included, which option is to 1217 * be removed before returning in the RFC 2292. 1218 * Note: this constraint is removed in RFC3542. 1219 */ 1220 *mp = sbcreatecontrol((void *)hbh, hbhlen, 1221 IS2292(IPV6_2292HOPOPTS, IPV6_HOPOPTS), 1222 IPPROTO_IPV6); 1223 if (*mp) 1224 mp = &(*mp)->m_next; 1225 m_freem(ext); 1226 } 1227 } 1228 1229 /* IPV6_DSTOPTS and IPV6_RTHDR socket options */ 1230 if (in6p->in6p_flags & (IN6P_DSTOPTS | IN6P_RTHDR)) { 1231 struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *); 1232 int nxt = xip6->ip6_nxt, off = sizeof(struct ip6_hdr); 1233 1234 /* 1235 * Search for destination options headers or routing 1236 * header(s) through the header chain, and stores each 1237 * header as ancillary data. 1238 * Note that the order of the headers remains in 1239 * the chain of ancillary data. 1240 */ 1241 for (;;) { /* is explicit loop prevention necessary? */ 1242 struct ip6_ext *ip6e = NULL; 1243 int elen; 1244 struct mbuf *ext = NULL; 1245 1246 /* 1247 * if it is not an extension header, don't try to 1248 * pull it from the chain. 1249 */ 1250 switch (nxt) { 1251 case IPPROTO_DSTOPTS: 1252 case IPPROTO_ROUTING: 1253 case IPPROTO_HOPOPTS: 1254 case IPPROTO_AH: /* is it possible? */ 1255 break; 1256 default: 1257 goto loopend; 1258 } 1259 1260 ext = ip6_pullexthdr(m, off, nxt); 1261 if (ext == NULL) { 1262 IP6_STATINC(IP6_STAT_TOOSHORT); 1263 return; 1264 } 1265 ip6e = mtod(ext, struct ip6_ext *); 1266 if (nxt == IPPROTO_AH) 1267 elen = (ip6e->ip6e_len + 2) << 2; 1268 else 1269 elen = (ip6e->ip6e_len + 1) << 3; 1270 if (elen != ext->m_len) { 1271 m_freem(ext); 1272 IP6_STATINC(IP6_STAT_TOOSHORT); 1273 return; 1274 } 1275 KASSERT(IP6_HDR_ALIGNED_P(ip6e)); 1276 1277 switch (nxt) { 1278 case IPPROTO_DSTOPTS: 1279 if (!(in6p->in6p_flags & IN6P_DSTOPTS)) 1280 break; 1281 1282 *mp = sbcreatecontrol((void *)ip6e, elen, 1283 IS2292(IPV6_2292DSTOPTS, IPV6_DSTOPTS), 1284 IPPROTO_IPV6); 1285 if (*mp) 1286 mp = &(*mp)->m_next; 1287 break; 1288 1289 case IPPROTO_ROUTING: 1290 if (!(in6p->in6p_flags & IN6P_RTHDR)) 1291 break; 1292 1293 *mp = sbcreatecontrol((void *)ip6e, elen, 1294 IS2292(IPV6_2292RTHDR, IPV6_RTHDR), 1295 IPPROTO_IPV6); 1296 if (*mp) 1297 mp = &(*mp)->m_next; 1298 break; 1299 1300 case IPPROTO_HOPOPTS: 1301 case IPPROTO_AH: /* is it possible? */ 1302 break; 1303 1304 default: 1305 /* 1306 * other cases have been filtered in the above. 1307 * none will visit this case. here we supply 1308 * the code just in case (nxt overwritten or 1309 * other cases). 1310 */ 1311 m_freem(ext); 1312 goto loopend; 1313 1314 } 1315 1316 /* proceed with the next header. */ 1317 off += elen; 1318 nxt = ip6e->ip6e_nxt; 1319 ip6e = NULL; 1320 m_freem(ext); 1321 ext = NULL; 1322 } 1323 loopend: 1324 ; 1325 } 1326 } 1327 #undef IS2292 1328 1329 1330 void 1331 ip6_notify_pmtu(struct in6pcb *in6p, const struct sockaddr_in6 *dst, 1332 uint32_t *mtu) 1333 { 1334 struct socket *so; 1335 struct mbuf *m_mtu; 1336 struct ip6_mtuinfo mtuctl; 1337 1338 so = in6p->in6p_socket; 1339 1340 if (mtu == NULL) 1341 return; 1342 1343 #ifdef DIAGNOSTIC 1344 if (so == NULL) /* I believe this is impossible */ 1345 panic("ip6_notify_pmtu: socket is NULL"); 1346 #endif 1347 1348 memset(&mtuctl, 0, sizeof(mtuctl)); /* zero-clear for safety */ 1349 mtuctl.ip6m_mtu = *mtu; 1350 mtuctl.ip6m_addr = *dst; 1351 if (sa6_recoverscope(&mtuctl.ip6m_addr)) 1352 return; 1353 1354 if ((m_mtu = sbcreatecontrol((void *)&mtuctl, sizeof(mtuctl), 1355 IPV6_PATHMTU, IPPROTO_IPV6)) == NULL) 1356 return; 1357 1358 if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu) 1359 == 0) { 1360 m_freem(m_mtu); 1361 /* XXX: should count statistics */ 1362 } else 1363 sorwakeup(so); 1364 1365 return; 1366 } 1367 1368 /* 1369 * pull single extension header from mbuf chain. returns single mbuf that 1370 * contains the result, or NULL on error. 1371 */ 1372 static struct mbuf * 1373 ip6_pullexthdr(struct mbuf *m, size_t off, int nxt) 1374 { 1375 struct ip6_ext ip6e; 1376 size_t elen; 1377 struct mbuf *n; 1378 1379 #ifdef DIAGNOSTIC 1380 switch (nxt) { 1381 case IPPROTO_DSTOPTS: 1382 case IPPROTO_ROUTING: 1383 case IPPROTO_HOPOPTS: 1384 case IPPROTO_AH: /* is it possible? */ 1385 break; 1386 default: 1387 printf("ip6_pullexthdr: invalid nxt=%d\n", nxt); 1388 } 1389 #endif 1390 1391 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1392 if (nxt == IPPROTO_AH) 1393 elen = (ip6e.ip6e_len + 2) << 2; 1394 else 1395 elen = (ip6e.ip6e_len + 1) << 3; 1396 1397 MGET(n, M_DONTWAIT, MT_DATA); 1398 if (n && elen >= MLEN) { 1399 MCLGET(n, M_DONTWAIT); 1400 if ((n->m_flags & M_EXT) == 0) { 1401 m_free(n); 1402 n = NULL; 1403 } 1404 } 1405 if (!n) 1406 return NULL; 1407 1408 n->m_len = 0; 1409 if (elen >= M_TRAILINGSPACE(n)) { 1410 m_free(n); 1411 return NULL; 1412 } 1413 1414 m_copydata(m, off, elen, mtod(n, void *)); 1415 n->m_len = elen; 1416 return n; 1417 } 1418 1419 /* 1420 * Get pointer to the previous header followed by the header 1421 * currently processed. 1422 * XXX: This function supposes that 1423 * M includes all headers, 1424 * the next header field and the header length field of each header 1425 * are valid, and 1426 * the sum of each header length equals to OFF. 1427 * Because of these assumptions, this function must be called very 1428 * carefully. Moreover, it will not be used in the near future when 1429 * we develop `neater' mechanism to process extension headers. 1430 */ 1431 u_int8_t * 1432 ip6_get_prevhdr(struct mbuf *m, int off) 1433 { 1434 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 1435 1436 if (off == sizeof(struct ip6_hdr)) 1437 return (&ip6->ip6_nxt); 1438 else { 1439 int len, nxt; 1440 struct ip6_ext *ip6e = NULL; 1441 1442 nxt = ip6->ip6_nxt; 1443 len = sizeof(struct ip6_hdr); 1444 while (len < off) { 1445 ip6e = (struct ip6_ext *)(mtod(m, char *) + len); 1446 1447 switch (nxt) { 1448 case IPPROTO_FRAGMENT: 1449 len += sizeof(struct ip6_frag); 1450 break; 1451 case IPPROTO_AH: 1452 len += (ip6e->ip6e_len + 2) << 2; 1453 break; 1454 default: 1455 len += (ip6e->ip6e_len + 1) << 3; 1456 break; 1457 } 1458 nxt = ip6e->ip6e_nxt; 1459 } 1460 if (ip6e) 1461 return (&ip6e->ip6e_nxt); 1462 else 1463 return NULL; 1464 } 1465 } 1466 1467 /* 1468 * get next header offset. m will be retained. 1469 */ 1470 int 1471 ip6_nexthdr(struct mbuf *m, int off, int proto, int *nxtp) 1472 { 1473 struct ip6_hdr ip6; 1474 struct ip6_ext ip6e; 1475 struct ip6_frag fh; 1476 1477 /* just in case */ 1478 if (m == NULL) 1479 panic("ip6_nexthdr: m == NULL"); 1480 if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len < off) 1481 return -1; 1482 1483 switch (proto) { 1484 case IPPROTO_IPV6: 1485 /* do not chase beyond intermediate IPv6 headers */ 1486 if (off != 0) 1487 return -1; 1488 if (m->m_pkthdr.len < off + sizeof(ip6)) 1489 return -1; 1490 m_copydata(m, off, sizeof(ip6), (void *)&ip6); 1491 if (nxtp) 1492 *nxtp = ip6.ip6_nxt; 1493 off += sizeof(ip6); 1494 return off; 1495 1496 case IPPROTO_FRAGMENT: 1497 /* 1498 * terminate parsing if it is not the first fragment, 1499 * it does not make sense to parse through it. 1500 */ 1501 if (m->m_pkthdr.len < off + sizeof(fh)) 1502 return -1; 1503 m_copydata(m, off, sizeof(fh), (void *)&fh); 1504 if ((fh.ip6f_offlg & IP6F_OFF_MASK) != 0) 1505 return -1; 1506 if (nxtp) 1507 *nxtp = fh.ip6f_nxt; 1508 off += sizeof(struct ip6_frag); 1509 return off; 1510 1511 case IPPROTO_AH: 1512 if (m->m_pkthdr.len < off + sizeof(ip6e)) 1513 return -1; 1514 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1515 if (nxtp) 1516 *nxtp = ip6e.ip6e_nxt; 1517 off += (ip6e.ip6e_len + 2) << 2; 1518 if (m->m_pkthdr.len < off) 1519 return -1; 1520 return off; 1521 1522 case IPPROTO_HOPOPTS: 1523 case IPPROTO_ROUTING: 1524 case IPPROTO_DSTOPTS: 1525 if (m->m_pkthdr.len < off + sizeof(ip6e)) 1526 return -1; 1527 m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); 1528 if (nxtp) 1529 *nxtp = ip6e.ip6e_nxt; 1530 off += (ip6e.ip6e_len + 1) << 3; 1531 if (m->m_pkthdr.len < off) 1532 return -1; 1533 return off; 1534 1535 case IPPROTO_NONE: 1536 case IPPROTO_ESP: 1537 case IPPROTO_IPCOMP: 1538 /* give up */ 1539 return -1; 1540 1541 default: 1542 return -1; 1543 } 1544 } 1545 1546 /* 1547 * get offset for the last header in the chain. m will be kept untainted. 1548 */ 1549 int 1550 ip6_lasthdr(struct mbuf *m, int off, int proto, int *nxtp) 1551 { 1552 int newoff; 1553 int nxt; 1554 1555 if (!nxtp) { 1556 nxt = -1; 1557 nxtp = &nxt; 1558 } 1559 for (;;) { 1560 newoff = ip6_nexthdr(m, off, proto, nxtp); 1561 if (newoff < 0) 1562 return off; 1563 else if (newoff < off) 1564 return -1; /* invalid */ 1565 else if (newoff == off) 1566 return newoff; 1567 1568 off = newoff; 1569 proto = *nxtp; 1570 } 1571 } 1572 1573 struct m_tag * 1574 ip6_addaux(struct mbuf *m) 1575 { 1576 struct m_tag *mtag; 1577 1578 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1579 if (!mtag) { 1580 mtag = m_tag_get(PACKET_TAG_INET6, sizeof(struct ip6aux), 1581 M_NOWAIT); 1582 if (mtag) { 1583 m_tag_prepend(m, mtag); 1584 memset(mtag + 1, 0, sizeof(struct ip6aux)); 1585 } 1586 } 1587 return mtag; 1588 } 1589 1590 struct m_tag * 1591 ip6_findaux(struct mbuf *m) 1592 { 1593 struct m_tag *mtag; 1594 1595 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1596 return mtag; 1597 } 1598 1599 void 1600 ip6_delaux(struct mbuf *m) 1601 { 1602 struct m_tag *mtag; 1603 1604 mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); 1605 if (mtag) 1606 m_tag_delete(m, mtag); 1607 } 1608 1609 #ifdef GATEWAY 1610 /* 1611 * sysctl helper routine for net.inet.ip6.maxflows. Since 1612 * we could reduce this value, call ip6flow_reap(); 1613 */ 1614 static int 1615 sysctl_net_inet6_ip6_maxflows(SYSCTLFN_ARGS) 1616 { 1617 int error; 1618 1619 error = sysctl_lookup(SYSCTLFN_CALL(rnode)); 1620 if (error || newp == NULL) 1621 return (error); 1622 1623 mutex_enter(softnet_lock); 1624 KERNEL_LOCK(1, NULL); 1625 1626 ip6flow_reap(0); 1627 1628 KERNEL_UNLOCK_ONE(NULL); 1629 mutex_exit(softnet_lock); 1630 1631 return (0); 1632 } 1633 1634 static int 1635 sysctl_net_inet6_ip6_hashsize(SYSCTLFN_ARGS) 1636 { 1637 int error, tmp; 1638 struct sysctlnode node; 1639 1640 node = *rnode; 1641 tmp = ip6_hashsize; 1642 node.sysctl_data = &tmp; 1643 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 1644 if (error || newp == NULL) 1645 return (error); 1646 1647 if ((tmp & (tmp - 1)) == 0 && tmp != 0) { 1648 /* 1649 * Can only fail due to malloc() 1650 */ 1651 mutex_enter(softnet_lock); 1652 KERNEL_LOCK(1, NULL); 1653 1654 error = ip6flow_invalidate_all(tmp); 1655 1656 KERNEL_UNLOCK_ONE(NULL); 1657 mutex_exit(softnet_lock); 1658 } else { 1659 /* 1660 * EINVAL if not a power of 2 1661 */ 1662 error = EINVAL; 1663 } 1664 1665 return error; 1666 } 1667 #endif /* GATEWAY */ 1668 1669 /* 1670 * System control for IP6 1671 */ 1672 1673 const u_char inet6ctlerrmap[PRC_NCMDS] = { 1674 0, 0, 0, 0, 1675 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH, 1676 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED, 1677 EMSGSIZE, EHOSTUNREACH, 0, 0, 1678 0, 0, 0, 0, 1679 ENOPROTOOPT 1680 }; 1681 1682 static int 1683 sysctl_net_inet6_ip6_stats(SYSCTLFN_ARGS) 1684 { 1685 1686 return (NETSTAT_SYSCTL(ip6stat_percpu, IP6_NSTATS)); 1687 } 1688 1689 static void 1690 sysctl_net_inet6_ip6_setup(struct sysctllog **clog) 1691 { 1692 #ifdef RFC2292 1693 #define IS2292(x, y) ((in6p->in6p_flags & IN6P_RFC2292) ? (x) : (y)) 1694 #else 1695 #define IS2292(x, y) (y) 1696 #endif 1697 1698 sysctl_createv(clog, 0, NULL, NULL, 1699 CTLFLAG_PERMANENT, 1700 CTLTYPE_NODE, "net", NULL, 1701 NULL, 0, NULL, 0, 1702 CTL_NET, CTL_EOL); 1703 sysctl_createv(clog, 0, NULL, NULL, 1704 CTLFLAG_PERMANENT, 1705 CTLTYPE_NODE, "inet6", 1706 SYSCTL_DESCR("PF_INET6 related settings"), 1707 NULL, 0, NULL, 0, 1708 CTL_NET, PF_INET6, CTL_EOL); 1709 sysctl_createv(clog, 0, NULL, NULL, 1710 CTLFLAG_PERMANENT, 1711 CTLTYPE_NODE, "ip6", 1712 SYSCTL_DESCR("IPv6 related settings"), 1713 NULL, 0, NULL, 0, 1714 CTL_NET, PF_INET6, IPPROTO_IPV6, CTL_EOL); 1715 1716 sysctl_createv(clog, 0, NULL, NULL, 1717 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1718 CTLTYPE_INT, "forwarding", 1719 SYSCTL_DESCR("Enable forwarding of INET6 datagrams"), 1720 NULL, 0, &ip6_forwarding, 0, 1721 CTL_NET, PF_INET6, IPPROTO_IPV6, 1722 IPV6CTL_FORWARDING, CTL_EOL); 1723 sysctl_createv(clog, 0, NULL, NULL, 1724 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1725 CTLTYPE_INT, "redirect", 1726 SYSCTL_DESCR("Enable sending of ICMPv6 redirect messages"), 1727 NULL, 0, &ip6_sendredirects, 0, 1728 CTL_NET, PF_INET6, IPPROTO_IPV6, 1729 IPV6CTL_SENDREDIRECTS, CTL_EOL); 1730 sysctl_createv(clog, 0, NULL, NULL, 1731 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1732 CTLTYPE_INT, "hlim", 1733 SYSCTL_DESCR("Hop limit for an INET6 datagram"), 1734 NULL, 0, &ip6_defhlim, 0, 1735 CTL_NET, PF_INET6, IPPROTO_IPV6, 1736 IPV6CTL_DEFHLIM, CTL_EOL); 1737 #ifdef notyet 1738 sysctl_createv(clog, 0, NULL, NULL, 1739 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1740 CTLTYPE_INT, "mtu", NULL, 1741 NULL, 0, &, 0, 1742 CTL_NET, PF_INET6, IPPROTO_IPV6, 1743 IPV6CTL_DEFMTU, CTL_EOL); 1744 #endif 1745 #ifdef __no_idea__ 1746 sysctl_createv(clog, 0, NULL, NULL, 1747 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1748 CTLTYPE_INT, "forwsrcrt", NULL, 1749 NULL, 0, &?, 0, 1750 CTL_NET, PF_INET6, IPPROTO_IPV6, 1751 IPV6CTL_FORWSRCRT, CTL_EOL); 1752 sysctl_createv(clog, 0, NULL, NULL, 1753 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1754 CTLTYPE_STRUCT, "mrtstats", NULL, 1755 NULL, 0, &?, sizeof(?), 1756 CTL_NET, PF_INET6, IPPROTO_IPV6, 1757 IPV6CTL_MRTSTATS, CTL_EOL); 1758 sysctl_createv(clog, 0, NULL, NULL, 1759 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1760 CTLTYPE_?, "mrtproto", NULL, 1761 NULL, 0, &?, sizeof(?), 1762 CTL_NET, PF_INET6, IPPROTO_IPV6, 1763 IPV6CTL_MRTPROTO, CTL_EOL); 1764 #endif 1765 sysctl_createv(clog, 0, NULL, NULL, 1766 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1767 CTLTYPE_INT, "maxfragpackets", 1768 SYSCTL_DESCR("Maximum number of fragments to buffer " 1769 "for reassembly"), 1770 NULL, 0, &ip6_maxfragpackets, 0, 1771 CTL_NET, PF_INET6, IPPROTO_IPV6, 1772 IPV6CTL_MAXFRAGPACKETS, CTL_EOL); 1773 #ifdef __no_idea__ 1774 sysctl_createv(clog, 0, NULL, NULL, 1775 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1776 CTLTYPE_INT, "sourcecheck", NULL, 1777 NULL, 0, &?, 0, 1778 CTL_NET, PF_INET6, IPPROTO_IPV6, 1779 IPV6CTL_SOURCECHECK, CTL_EOL); 1780 sysctl_createv(clog, 0, NULL, NULL, 1781 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1782 CTLTYPE_INT, "sourcecheck_logint", NULL, 1783 NULL, 0, &?, 0, 1784 CTL_NET, PF_INET6, IPPROTO_IPV6, 1785 IPV6CTL_SOURCECHECK_LOGINT, CTL_EOL); 1786 #endif 1787 sysctl_createv(clog, 0, NULL, NULL, 1788 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1789 CTLTYPE_INT, "accept_rtadv", 1790 SYSCTL_DESCR("Accept router advertisements"), 1791 NULL, 0, &ip6_accept_rtadv, 0, 1792 CTL_NET, PF_INET6, IPPROTO_IPV6, 1793 IPV6CTL_ACCEPT_RTADV, CTL_EOL); 1794 sysctl_createv(clog, 0, NULL, NULL, 1795 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1796 CTLTYPE_INT, "keepfaith", 1797 SYSCTL_DESCR("Activate faith interface"), 1798 NULL, 0, &ip6_keepfaith, 0, 1799 CTL_NET, PF_INET6, IPPROTO_IPV6, 1800 IPV6CTL_KEEPFAITH, CTL_EOL); 1801 sysctl_createv(clog, 0, NULL, NULL, 1802 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1803 CTLTYPE_INT, "log_interval", 1804 SYSCTL_DESCR("Minumum interval between logging " 1805 "unroutable packets"), 1806 NULL, 0, &ip6_log_interval, 0, 1807 CTL_NET, PF_INET6, IPPROTO_IPV6, 1808 IPV6CTL_LOG_INTERVAL, CTL_EOL); 1809 sysctl_createv(clog, 0, NULL, NULL, 1810 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1811 CTLTYPE_INT, "hdrnestlimit", 1812 SYSCTL_DESCR("Maximum number of nested IPv6 headers"), 1813 NULL, 0, &ip6_hdrnestlimit, 0, 1814 CTL_NET, PF_INET6, IPPROTO_IPV6, 1815 IPV6CTL_HDRNESTLIMIT, CTL_EOL); 1816 sysctl_createv(clog, 0, NULL, NULL, 1817 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1818 CTLTYPE_INT, "dad_count", 1819 SYSCTL_DESCR("Number of Duplicate Address Detection " 1820 "probes to send"), 1821 NULL, 0, &ip6_dad_count, 0, 1822 CTL_NET, PF_INET6, IPPROTO_IPV6, 1823 IPV6CTL_DAD_COUNT, CTL_EOL); 1824 sysctl_createv(clog, 0, NULL, NULL, 1825 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1826 CTLTYPE_INT, "auto_flowlabel", 1827 SYSCTL_DESCR("Assign random IPv6 flow labels"), 1828 NULL, 0, &ip6_auto_flowlabel, 0, 1829 CTL_NET, PF_INET6, IPPROTO_IPV6, 1830 IPV6CTL_AUTO_FLOWLABEL, CTL_EOL); 1831 sysctl_createv(clog, 0, NULL, NULL, 1832 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1833 CTLTYPE_INT, "defmcasthlim", 1834 SYSCTL_DESCR("Default multicast hop limit"), 1835 NULL, 0, &ip6_defmcasthlim, 0, 1836 CTL_NET, PF_INET6, IPPROTO_IPV6, 1837 IPV6CTL_DEFMCASTHLIM, CTL_EOL); 1838 #if NGIF > 0 1839 sysctl_createv(clog, 0, NULL, NULL, 1840 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1841 CTLTYPE_INT, "gifhlim", 1842 SYSCTL_DESCR("Default hop limit for a gif tunnel datagram"), 1843 NULL, 0, &ip6_gif_hlim, 0, 1844 CTL_NET, PF_INET6, IPPROTO_IPV6, 1845 IPV6CTL_GIF_HLIM, CTL_EOL); 1846 #endif /* NGIF */ 1847 sysctl_createv(clog, 0, NULL, NULL, 1848 CTLFLAG_PERMANENT, 1849 CTLTYPE_STRING, "kame_version", 1850 SYSCTL_DESCR("KAME Version"), 1851 NULL, 0, __UNCONST(__KAME_VERSION), 0, 1852 CTL_NET, PF_INET6, IPPROTO_IPV6, 1853 IPV6CTL_KAME_VERSION, CTL_EOL); 1854 sysctl_createv(clog, 0, NULL, NULL, 1855 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1856 CTLTYPE_INT, "use_deprecated", 1857 SYSCTL_DESCR("Allow use of deprecated addresses as " 1858 "source addresses"), 1859 NULL, 0, &ip6_use_deprecated, 0, 1860 CTL_NET, PF_INET6, IPPROTO_IPV6, 1861 IPV6CTL_USE_DEPRECATED, CTL_EOL); 1862 sysctl_createv(clog, 0, NULL, NULL, 1863 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1864 CTLTYPE_INT, "rr_prune", NULL, 1865 NULL, 0, &ip6_rr_prune, 0, 1866 CTL_NET, PF_INET6, IPPROTO_IPV6, 1867 IPV6CTL_RR_PRUNE, CTL_EOL); 1868 sysctl_createv(clog, 0, NULL, NULL, 1869 CTLFLAG_PERMANENT 1870 #ifndef INET6_BINDV6ONLY 1871 |CTLFLAG_READWRITE, 1872 #endif 1873 CTLTYPE_INT, "v6only", 1874 SYSCTL_DESCR("Disallow PF_INET6 sockets from connecting " 1875 "to PF_INET sockets"), 1876 NULL, 0, &ip6_v6only, 0, 1877 CTL_NET, PF_INET6, IPPROTO_IPV6, 1878 IPV6CTL_V6ONLY, CTL_EOL); 1879 sysctl_createv(clog, 0, NULL, NULL, 1880 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1881 CTLTYPE_INT, "anonportmin", 1882 SYSCTL_DESCR("Lowest ephemeral port number to assign"), 1883 sysctl_net_inet_ip_ports, 0, &ip6_anonportmin, 0, 1884 CTL_NET, PF_INET6, IPPROTO_IPV6, 1885 IPV6CTL_ANONPORTMIN, CTL_EOL); 1886 sysctl_createv(clog, 0, NULL, NULL, 1887 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1888 CTLTYPE_INT, "anonportmax", 1889 SYSCTL_DESCR("Highest ephemeral port number to assign"), 1890 sysctl_net_inet_ip_ports, 0, &ip6_anonportmax, 0, 1891 CTL_NET, PF_INET6, IPPROTO_IPV6, 1892 IPV6CTL_ANONPORTMAX, CTL_EOL); 1893 #ifndef IPNOPRIVPORTS 1894 sysctl_createv(clog, 0, NULL, NULL, 1895 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1896 CTLTYPE_INT, "lowportmin", 1897 SYSCTL_DESCR("Lowest privileged ephemeral port number " 1898 "to assign"), 1899 sysctl_net_inet_ip_ports, 0, &ip6_lowportmin, 0, 1900 CTL_NET, PF_INET6, IPPROTO_IPV6, 1901 IPV6CTL_LOWPORTMIN, CTL_EOL); 1902 sysctl_createv(clog, 0, NULL, NULL, 1903 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1904 CTLTYPE_INT, "lowportmax", 1905 SYSCTL_DESCR("Highest privileged ephemeral port number " 1906 "to assign"), 1907 sysctl_net_inet_ip_ports, 0, &ip6_lowportmax, 0, 1908 CTL_NET, PF_INET6, IPPROTO_IPV6, 1909 IPV6CTL_LOWPORTMAX, CTL_EOL); 1910 #endif /* IPNOPRIVPORTS */ 1911 sysctl_createv(clog, 0, NULL, NULL, 1912 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1913 CTLTYPE_INT, "use_tempaddr", 1914 SYSCTL_DESCR("Use temporary address"), 1915 NULL, 0, &ip6_use_tempaddr, 0, 1916 CTL_NET, PF_INET6, IPPROTO_IPV6, 1917 CTL_CREATE, CTL_EOL); 1918 sysctl_createv(clog, 0, NULL, NULL, 1919 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1920 CTLTYPE_INT, "temppltime", 1921 SYSCTL_DESCR("preferred lifetime of a temporary address"), 1922 NULL, 0, &ip6_temp_preferred_lifetime, 0, 1923 CTL_NET, PF_INET6, IPPROTO_IPV6, 1924 CTL_CREATE, CTL_EOL); 1925 sysctl_createv(clog, 0, NULL, NULL, 1926 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1927 CTLTYPE_INT, "tempvltime", 1928 SYSCTL_DESCR("valid lifetime of a temporary address"), 1929 NULL, 0, &ip6_temp_valid_lifetime, 0, 1930 CTL_NET, PF_INET6, IPPROTO_IPV6, 1931 CTL_CREATE, CTL_EOL); 1932 sysctl_createv(clog, 0, NULL, NULL, 1933 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1934 CTLTYPE_INT, "maxfrags", 1935 SYSCTL_DESCR("Maximum fragments in reassembly queue"), 1936 NULL, 0, &ip6_maxfrags, 0, 1937 CTL_NET, PF_INET6, IPPROTO_IPV6, 1938 IPV6CTL_MAXFRAGS, CTL_EOL); 1939 sysctl_createv(clog, 0, NULL, NULL, 1940 CTLFLAG_PERMANENT, 1941 CTLTYPE_STRUCT, "stats", 1942 SYSCTL_DESCR("IPv6 statistics"), 1943 sysctl_net_inet6_ip6_stats, 0, NULL, 0, 1944 CTL_NET, PF_INET6, IPPROTO_IPV6, 1945 IPV6CTL_STATS, CTL_EOL); 1946 sysctl_createv(clog, 0, NULL, NULL, 1947 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1948 CTLTYPE_INT, "use_defaultzone", 1949 SYSCTL_DESCR("Whether to use the default scope zones"), 1950 NULL, 0, &ip6_use_defzone, 0, 1951 CTL_NET, PF_INET6, IPPROTO_IPV6, 1952 IPV6CTL_USE_DEFAULTZONE, CTL_EOL); 1953 sysctl_createv(clog, 0, NULL, NULL, 1954 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1955 CTLTYPE_INT, "mcast_pmtu", 1956 SYSCTL_DESCR("Enable pMTU discovery for multicast packet"), 1957 NULL, 0, &ip6_mcast_pmtu, 0, 1958 CTL_NET, PF_INET6, IPPROTO_IPV6, 1959 CTL_CREATE, CTL_EOL); 1960 #ifdef GATEWAY 1961 sysctl_createv(clog, 0, NULL, NULL, 1962 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1963 CTLTYPE_INT, "maxflows", 1964 SYSCTL_DESCR("Number of flows for fast forwarding (IPv6)"), 1965 sysctl_net_inet6_ip6_maxflows, 0, &ip6_maxflows, 0, 1966 CTL_NET, PF_INET6, IPPROTO_IPV6, 1967 CTL_CREATE, CTL_EOL); 1968 sysctl_createv(clog, 0, NULL, NULL, 1969 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 1970 CTLTYPE_INT, "hashsize", 1971 SYSCTL_DESCR("Size of hash table for fast forwarding (IPv6)"), 1972 sysctl_net_inet6_ip6_hashsize, 0, &ip6_hashsize, 0, 1973 CTL_NET, PF_INET6, IPPROTO_IPV6, 1974 CTL_CREATE, CTL_EOL); 1975 #endif 1976 } 1977 1978 void 1979 ip6_statinc(u_int stat) 1980 { 1981 1982 KASSERT(stat < IP6_NSTATS); 1983 IP6_STATINC(stat); 1984 } 1985